Open
Description
Describe the bug
when using headlamp in multi-cluster mode, all websocket attemps got 502 response code:
To Reproduce
Steps to reproduce the bug:
- Install in multi-cluster mode
- choose a cluster
- login even with token or OIDC
- go to whatever (workloads for example)
- check the debugger
Environment (please provide info about your environment):
- Installation type: In-Cluster with Helm and argoCD on EKS clusters ; multi-cluster with kubeconfig
- Headlamp Version: same behavior with
0.27.0,0.28.0,0.29.1,0.30.1,
Are you able to fix this issue?
I don't think but I'm on the slack channel and can make tests
Additional Context
Problem is really obvious when using log or shell, but even for all watch request from the frontend I have a 502 in the console and the following log in headlamp pod:
http: proxy error: No valid id-token, and cannot refresh without refresh-token
which I can't find in the source code (probably external lib?).
I took tcpdump traces between ingress and headlamp and 502 is sent by headlamp. Ingress seems to work well with webSockets
Interesting clue: everything is working well with the /c/main/... routes but as soon as I try the multi-cluster routes /c/<cluster>/... 502 appears.
